:.: pwnagotchi
Hola, I have been playing around with my pwnagotchi quiet for around 1 year and a half and it was a lot of fun, if you don't know what it is, you can just check out the github link, but from it:
...an A2C-based "AI" leveraging bettercap that learns from its surrounding WiFi environment to maximize the crackable WPA key material it captures...
I like to use this more to see where I walked and in which city than just to crack wifis, but that is also cool and sometimes useful, specially in a new city where I am not able to get a proper wifi
This is not about pwnagotchi itself, if you want to learn about it, just jump in the repo or all the other bunch of links and community they have, but about how to connect it to OpenBSD and interact with it. Some months ago I commited a little script to setup the pwnagotchi with OpenBSD, nothing fancy but it works as expected until I got into a rabbit hole with the same internal network at home, plus my new nasty kubernetes cluster (log entry soon...) started to mess up my network and my pwnagotchi started to get disconnected of my laptop and so on, so I decided to try to implement veb(4)/vport(4) for it (I also have my VMs now with it), and get a bit more control over the whole thing.
Basically I just replaced all the basic script for a dedicated veb(4)/vport(4), the new script looks like:
#!/bin/sh
USB_IFACE=$(ifconfig urndis0 | grep urndis0 | awk '{print $1}' | tr -d ':')
USB_IP=${2:-10.0.0.1}
if [ "${USB_IFACE}" == "urndis0" ]; then
ifconfig ${USB_IFACE} down > /dev/null 2>&1
ifconfig veb10 del vport10 > /dev/null 2>&1
ifconfig veb10 destroy > /dev/null 2>&1
ifconfig vport10 destroy > /dev/null 2>&1
ifconfig veb10 create && ifconfig veb10 up
ifconfig vport10 create && ifconfig vport10 up
ifconfig vport10 ${USB_IP} && \
ifconfig veb10 add vport10 && \
ifconfig veb10 add ${USB_IFACE} && \
ifconfig ${USB_IFACE} up && \
sysctl -w net.inet.ip.forwarding=1
echo "match out log on egress from vport10:network to any nat-to (egress)" | pfctl -f -
echo "sharing connecting from upstream interface to usb interface ${USB_IFACE} ..."
ssh pi@10.0.0.2
else
echo "can't find usb interface with ip $USB_IP"
exit 1
fiSo what we do here is to check that urndis(4) exist (which is the rpiz device) and it will look like this on your dmesg:
urndis0 at uhub1 port 2 configuration 2 interface 0 "Linux 4.19.127-Re4son+ with 20980000.usb RNDIS/Ethernet Gadget" rev 2.00/4.19 addr 8
urndis0: using Vendor, address 12:d2:3a:b2:2a:7aThen we make sure all the previous devices are down or destroyed, and later we create veb10 and mark it as up, as we do with vport10 (the "10" it's just to know to which network is attached, you can use just 0 or whatever), we set the gateway IP (10.0.0.1) for the pwnagotchi (10.0.0.2) on the vport10 device and then we add it to veb10, same as we do with urndis0, we mark it up, we enable the forwarding if is not already enabled, and then we tell pf to manage the traffic out and give the pwnagotchi internet access to do their thing.
That's it, now you can go for a walk and catch up a lot of insecure wifis in your city and then explore them on your lovely OpenBSD.